Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/67VP1eVJQOenyeJwadVIwrrfhjY.roa
File: 67VP1eVJQOenyeJwadVIwrrfhjY.roa (raw, json)
Hash identifier: //i+n8ZMooPhnHjonPst9b/9MmfDjt+lFVG4wal3Rco=
Subject key identifier: EB:B5:4F:D5:E5:49:40:E7:A7:C9:E2:70:69:D5:48:C2:BA:DF:86:36
Certificate issuer: /CN=2ace21090ee4d78677413423dcb2fe01a6e1c622
Certificate serial: 684FB8
Authority key identifier: 2A:CE:21:09:0E:E4:D7:86:77:41:34:23:DC:B2:FE:01:A6:E1:C6:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ks4hCQ7k14Z3QTQj3LL-AabhxiI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/67VP1eVJQOenyeJwadVIwrrfhjY.roa
Signing time: Mon 28 Mar 2022 00:04:01 +0000
ROA not before: Mon 28 Mar 2022 00:04:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15742
IP address blocks: 217.117.68.0/24 maxlen: 24
217.117.67.0/24 maxlen: 24
217.117.66.0/24 maxlen: 24
217.117.71.0/24 maxlen: 24
217.117.70.0/24 maxlen: 24
217.117.69.0/24 maxlen: 24
217.117.65.0/24 maxlen: 24
217.117.72.0/24 maxlen: 24
217.117.75.0/24 maxlen: 24
217.117.74.0/24 maxlen: 24
217.117.73.0/24 maxlen: 24
217.117.78.0/24 maxlen: 24
217.117.77.0/24 maxlen: 24
217.117.76.0/24 maxlen: 24
87.238.152.0/24 maxlen: 24
217.117.79.0/24 maxlen: 24
87.238.153.0/24 maxlen: 24
87.238.156.0/24 maxlen: 24
87.238.155.0/24 maxlen: 24
87.238.154.0/24 maxlen: 24
87.238.159.0/24 maxlen: 24
87.238.158.0/24 maxlen: 24
87.238.157.0/24 maxlen: 24
217.117.64.0/24 maxlen: 24
2a03:9220::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6836152 (0x684fb8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ace21090ee4d78677413423dcb2fe01a6e1c622
Validity
Not Before: Mar 28 00:04:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ebb54fd5e54940e7a7c9e27069d548c2badf8636
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:e6:0f:ed:24:92:59:e3:31:7f:64:8a:98:08:
24:08:6a:e0:2f:a9:73:77:cd:fe:11:f6:1d:74:84:
4f:d4:10:16:ae:a3:ca:47:9a:a4:31:e2:9f:72:7d:
72:7c:32:75:77:25:e6:ae:53:8c:1e:35:41:16:12:
95:2a:ed:9b:00:99:ad:e1:94:3c:a9:11:51:d9:0f:
8b:cc:c6:94:34:8d:08:f1:23:39:ee:fc:56:d7:e7:
46:26:36:8d:91:a8:f6:fa:2f:25:50:06:ef:71:5e:
0b:54:ab:63:2d:26:19:25:28:be:c4:67:12:c5:cf:
16:6c:97:ea:7c:e5:e0:bb:43:2b:9e:60:d2:11:63:
78:ae:fa:1a:95:60:06:0d:1f:89:65:5a:20:06:10:
cd:40:62:3b:bb:9c:66:3a:2d:7d:67:56:b6:f0:ba:
53:f4:a6:2f:8f:2c:e0:46:cb:1c:fa:f2:ef:1c:53:
8f:25:9a:49:59:fd:21:30:08:94:79:c5:a7:1e:92:
ab:9f:8f:21:59:4c:a2:2d:aa:89:ff:e3:d0:22:05:
f8:f3:bd:db:bf:a0:b7:ca:62:bc:3a:c6:55:7d:12:
01:3f:c4:cf:cd:78:cf:9b:24:55:cc:6d:a8:4d:79:
c2:a5:00:1f:a4:fc:b0:d7:0a:7a:a1:79:4f:2e:d4:
60:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:B5:4F:D5:E5:49:40:E7:A7:C9:E2:70:69:D5:48:C2:BA:DF:86:36
X509v3 Authority Key Identifier:
keyid:2A:CE:21:09:0E:E4:D7:86:77:41:34:23:DC:B2:FE:01:A6:E1:C6:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ks4hCQ7k14Z3QTQj3LL-AabhxiI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/67VP1eVJQOenyeJwadVIwrrfhjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/Ks4hCQ7k14Z3QTQj3LL-AabhxiI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.238.152.0/21
217.117.64.0/20
IPv6:
2a03:9220::/32
Signature Algorithm: sha256WithRSAEncryption
70:2f:74:2e:c4:1f:cc:f9:63:ad:05:38:c1:0e:64:cd:a4:aa:
87:84:52:21:88:97:50:3c:1d:21:c2:68:54:0c:15:bd:57:33:
91:b2:6a:27:39:8b:2d:26:73:71:04:a9:89:2e:7e:90:61:19:
04:d2:9d:c5:56:8f:33:e7:eb:22:ac:c2:1a:c5:ea:45:07:06:
66:ea:04:8b:78:6e:b3:bb:6b:14:46:33:3f:67:38:5c:50:80:
97:fa:3a:11:5c:ef:db:ca:cb:7a:82:14:5b:a6:b5:c0:ca:cb:
33:ed:0b:94:c3:b0:3b:bf:ac:1f:f6:6f:88:1e:f4:a3:d0:63:
d3:23:2f:27:f8:6f:30:1d:76:7c:4c:f3:b9:4b:28:48:67:70:
f6:c8:f4:3d:dd:5f:f2:a9:98:79:73:f9:fe:ad:7a:2e:b2:39:
84:da:4d:15:a8:ad:7a:3d:ac:5d:39:25:72:00:9d:4c:e7:41:
f1:4f:01:ef:8c:61:01:1f:d3:31:be:14:d6:de:9b:69:a8:88:
55:5d:f0:ca:a4:0d:3c:eb:23:c4:34:4a:d6:80:00:c3:fc:82:
f6:a0:e3:3c:23:46:85:99:cb:7b:59:9c:20:f7:47:52:53:ad:
ca:de:e0:cf:8b:04:94:33:c5:ad:26:5c:19:3a:21:bf:1a:20:
05:15:dc:ea
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIDaE+4MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDJh
Y2UyMTA5MGVlNGQ3ODY3NzQxMzQyM2RjYjJmZTAxYTZlMWM2MjIwHhcNMjIwMzI4
MDAwNDAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhlYmI1NGZkNWU1NDk0
MGU3YTdjOWUyNzA2OWQ1NDhjMmJhZGY4NjM2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAlOYP7SSSWeMxf2SKmAgkCGrgL6lzd83+EfYddIRP1BAWrqPK
R5qkMeKfcn1yfDJ1dyXmrlOMHjVBFhKVKu2bAJmt4ZQ8qRFR2Q+LzMaUNI0I8SM5
7vxW1+dGJjaNkaj2+i8lUAbvcV4LVKtjLSYZJSi+xGcSxc8WbJfqfOXgu0MrnmDS
EWN4rvoalWAGDR+JZVogBhDNQGI7u5xmOi19Z1a28LpT9KYvjyzgRssc+vLvHFOP
JZpJWf0hMAiUecWnHpKrn48hWUyiLaqJ/+PQIgX4873bv6C3ymK8OsZVfRIBP8TP
zXjPmyRVzG2oTXnCpQAfpPyw1wp6oXlPLtRgBwIDAQABo4ICHjCCAhowHQYDVR0O
BBYEFOu1T9XlSUDnp8nicGnVSMK634Y2MB8GA1UdIwQYMBaAFCrOIQkO5NeGd0E0
I9yy/gGm4cYiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
S3M0aENRN2sxNFozUVRRajNMTC1BYWJoeGlJLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8yMS8yOTE1ZjEtODdiYS00YzE4LWFhZjktNTkwYTk4MTNkZGRmLzEv
NjdWUDFlVkpRT2VueWVKd2FkVkl3cnJmaGpZLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8y
OTE1ZjEtODdiYS00YzE4LWFhZjktNTkwYTk4MTNkZGRmLzEvS3M0aENRN2sxNFoz
UVRRajNMTC1BYWJoeGlJLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQG
CCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDV+6YAwQE2XVAMA0EAgACMAcDBQAq
A5IgMA0GCSqGSIb3DQEBCwUAA4IBAQBwL3QuxB/M+WOtBTjBDmTNpKqHhFIhiJdQ
PB0hwmhUDBW9VzORsmonOYstJnNxBKmJLn6QYRkE0p3FVo8z5+sirMIaxepFBwZm
6gSLeG6zu2sURjM/ZzhcUICX+joRXO/byst6ghRbprXAyssz7QuUw7A7v6wf9m+I
HvSj0GPTIy8n+G8wHXZ8TPO5SyhIZ3D2yPQ93V/yqZh5c/n+rXousjmE2k0VqK16
PaxdOSVyAJ1M50HxTwHvjGEBH9MxvhTW3ptpqIhVXfDKpA086yPENErWgADD/IL2
oOM8I0aFmct7WZwg90dSU63K3uDPiwSUM8WtJlwZOiG/GiAFFdzq
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:13 2025 by rpki-client